Windows OS Hub
  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu
  • Home
  • About

Windows OS Hub

  • Windows Server
    • Windows Server 2022
    • Windows Server 2019
    • Windows Server 2016
    • Windows Server 2012 R2
    • Windows Server 2012
    • Windows Server 2008 R2
    • SCCM
  • Active Directory
    • Active Directory Domain Services (AD DS)
    • Group Policies
  • Windows Clients
    • Windows 11
    • Windows 10
    • Windows 8
    • Windows 7
    • Windows XP
    • MS Office
    • Outlook
  • Virtualization
    • VMWare
    • Hyper-V
    • KVM
  • PowerShell
  • Exchange
  • Cloud
    • Azure
    • Microsoft 365
    • Office 365
  • Linux
    • CentOS
    • RHEL
    • Ubuntu

 Windows OS Hub / Azure / How to Connect to Azure AD Using PowerShell?

September 1, 2021 AzureMicrosoft 365Office 365PowerShell

How to Connect to Azure AD Using PowerShell?

In this article, we’ll look at how to install the AzureAD PowerShell module, connect to your Azure Active Directory tenant and get some information from Azure. Microsoft currently allows you to use two PowerShell modules to connect to Azure AD:

  • MS Online is an old module to manage the Azure/Office 365 from PowerShell. MSOnline module appeared about 6 years ago and is not developed by Microsoft now.
  • Azure Active Directory PowerShell for Graph (AzureAD) is a modern PowerShell module for interacting with Azure infrastructure. The module is being actively developed, new features are being added (analogs of almost all MSOnline cmdlets are available).

The Azure PowerShell module requires at least a PowerShell version 5.1 installed. You can check your current PowerShell version with the command:

$PSVersionTable.PSVersion

powershell version

Update the version of PowerShell on your computer if necessary.

Now you can install the Azure PowerShell module from the PowerShell Gallery. Open the PowerShell console as an administrator and run the command below:

Install-Module -Name AzureAD

The following message appears:

Untrusted repository. You are installing the modules from an untrusted repository. If you trust this repository, change its InstallationPolicy value by running the Set-PSRepository cmdlet.

Press Y -> Enter.

You can add the PowerShell Gallery to the list of trusted repositories using this command:

Set-PSRepository -Name PSGallery -InstallationPolicy Trusted

Installing AzureAD PowerShell module on Windows

After the installation is over, you can check the version of the AzureAD module:

Get-Module AzureAD –ListAvailable

In our case, it is 2.0.2.135.

Get-Module AzureAD info

In this AzureAD module version, there are 224 cmdlets containing *-AzureAD* in their names. You can display a list of available cmdlets in the module as follows:

Get-Command –Module AzureAD

list cmdlets in the AzureAD module

If you have an older version of the Azure AD installed, you can update it:

Update-Module -Name AzureAD

If you want to install the specific module version, run this command:

Update-Module -Name AzureAD -RequiredVersion 2.0.2.120

You can connect to the Azure tenant:

Connect-AzureAD

The cmdlet will prompt you to enter the credentials you want to use to access the AzureAD directory. In this example, I am using admin account username@woshub.onmicrosoft.com to access my tenant.

Connect-AzureAD from powershell with modern authentification

If you have Azure MFA enabled, confirm sign-in on your device.

You can also get connection credentials in PowerShell and save them into a variable:

$AzureADcreds = Get-Credential

Then you can use it for connection:

Connect-AzureAD -Credential $AzureADcreds

You can use the saved credential from the external Secret Vault using the SecretManagement PowerShell module. It supports almost all popular vault providers: Bitwarden, Azure Key Vault, KeePass, LastPass, HashiCorp Vault, Windows Credential Manager, etc. To connect to Azure AD with your saved credentials from the secret vault, use the following PowerShell command:

Connect-AzureAD -Credential (Get-Secret -Vault MyVaultName -Name azadm_maxbak)

The cmdlet returns a confirmation showing that the session with the Azure Active Directory has been successfully established. The command should display the AzureCloud environment, TenantID, and TenantDomain.

Connect-AzureAD tenant using powershell module

You can get information about the current Azure tenant as follows:

Get-AzureADTenantDetail

Get-AzureADTenantDetail

To connect to the special national Azure (Microsoft 365) clouds, use the –AzureEnvironmentName option.

Connect-AzureAD -AzureEnvironmentName AzureChinaCloud
Connect-AzureAD -AzureEnvironmentName AzureGermanyCloud
Connect-AzureAD -AzureEnvironmentName AzureUSGovernment

By default, the module connects to the Worldwide cloud.

Then you can use AzureAD module cmdlets to get different information from your domain. Let’s find users whose contains Max:

Get-AzureADUser -SearchString Max

PowerShell Get-AzureADUser info

Or get a list of cloud groups in AzureAD:

Get-AzureADGroup

Get-AzureADGroup - list Azure Active Directory groups

To get a list of available licenses in your Office 365 (Microsoft 365) subscription, the following cmdlet is used:

Get-AzureADSubscribedSku | select SkuPartNumber, ConsumedUnits

Get-AzureADSubscribedSku

You can check which Azure license is assigned to the specific user account:

Get-AzureADUser -SearchString maxbak@woshub.onmicrosoft.com | Select -ExpandProperty AssignedLicenses

Then you can get the license name by the SkuID you got:

Get-AzureADSubscribedSku | Where {$_.SkuId -eq "7654321-babb-1234-ababa-2d2345678905"}

check current azure license (subscrition) for a user

To disconnect from Azure in your PowerShell session, run the command below:

Disconnect-AzureAD

0 comment
0
Facebook Twitter Google + Pinterest
previous post
Export Exchange or Office 365 Global Address List (GAL) to CSV
next post
Automatically Add Static Routes After Connecting to VPN

Related Reading

Create Organizational Units (OU) Structure in Active Directory...

May 17, 2022

Windows Security Won’t Open or Shows a Blank...

May 17, 2022

How to Manually Install Windows Updates from CAB...

May 16, 2022

Enable or Disable MFA for Users in Azure/Microsoft...

April 27, 2022

Fix: You’ll Need a New App to Open...

April 27, 2022

Leave a Comment Cancel Reply

Categories

  • Active Directory
  • Group Policies
  • Exchange Server
  • Microsoft 365
  • Azure
  • Windows 11
  • Windows 10
  • Windows 7
  • Windows Server 2019
  • Windows Server 2016
  • Windows Server 2012 R2
  • PowerShell
  • VMWare
  • Hyper-V
  • MS Office

Recent Posts

  • Create Organizational Units (OU) Structure in Active Directory with PowerShell

    May 17, 2022
  • Windows Security Won’t Open or Shows a Blank Screen on Windows 10/ 11

    May 17, 2022
  • How to Manually Install Windows Updates from CAB and MSU Files?

    May 16, 2022
  • RDS and RemoteApp Performance Issues on Windows Server 2019/2016

    May 16, 2022
  • Deploying Software (MSI Packages) Using Group Policy

    May 12, 2022
  • Updating VMware ESXi Host from the Command Line

    May 11, 2022
  • Enable or Disable MFA for Users in Azure/Microsoft 365

    April 27, 2022
  • Fix: You’ll Need a New App to Open This Windows Defender Link

    April 27, 2022
  • How to Reset an Active Directory User Password with PowerShell and ADUC?

    April 27, 2022
  • How to Completely Uninstall Previous Versions of Office with Removal Scripts?

    April 26, 2022

Follow us

woshub.com

ad

  • Facebook
  • Twitter
  • RSS
Popular Posts
  • Whitelist Domains and Email Addresses on Exchange Server and Microsoft 365
  • Checking User Sign-in Logs in Azure AD (Microsoft 365)
  • Enabling Modern or Basic Authentication for Microsoft 365
  • Regional Mailbox Settings (Language, TimeZone) in Outlook, Exchange, and Microsoft 365
  • IdFix: Preparing On-Prem Active Directory Sync with Azure
  • Configuring UserPrincipalName and UPN Suffixes in Active Directory
  • Using Microsoft Graph API to Access Azure via PowerShell
Footer Logo

@2014 - 2018 - Windows OS Hub. All about operating systems for sysadmins


Back To Top